Alex Samad <alex@samad.com.au> writes:
> On Thu, Jul 24, 2008 at 09:52:22AM +0200, Csanyi Pal wrote:
>> Alex Samad <alex@samad.com.au> writes:
>>
>> > On Wed, Jul 23, 2008 at 08:02:58PM +0200, Csanyi Pal wrote:
>> >> Andrew Sackville-West <andrew@farwestbilliards.com> writes:
>
> [snip]
>> This is working from gateway. I'm trying it from LAN behind the
>> gateway/firewall, from desktop machine.
>
> If this is working from the gateway then I would presume that the
> problem is at the gateway, for you local LAN clients, all their traffic
> has to go through the gateway
>
>> tcpdump now shows traffic, when I ping www.google.com from desktop
>> machine.
>>
>> I run on gateway command:
>> sudo tcpdump -pni eth2 port 53 or host 62.108.117.6
>>
>> listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
>> 09:42:10.158205 IP 91.102.227.98.46197 > 62.108.117.6.53: 1661+ A?
>> www.google.com. (32)
>> 09:42:15.153786 IP 91.102.227.98.50360 > 213.244.255.2.53: 1661+ A?
>> www.google.com. (32)
> I presume 91.102.227.98 is your public Internet address (eth2 on the
> gateway), you don't see any return packets, which is strange ? If you
> do the same test on the gateway you see the return packets ?
I did the same test on the gateway and tcpdump give to me these lines:
12:37:08.773167 IP 62.108.117.6.53 > 91.102.231.33.1028: 26739 1/4/0(151)
12:37:09.752199 IP 91.102.231.33.1028 > 62.108.117.6.53: 41421+ PTR?
103.91.249.66.in-addr.arpa. (44)
12:37:09.769013 IP 62.108.117.6.53 > 91.102.231.33.1028: 41421 1/4/0(151)
12:37:10.743902 IP 91.102.231.33.1028 > 62.108.117.6.53: 52686+ PTR?
103.91.249.66.in-addr.arpa. (44)
Now we can see the return packets, right?
> can you supply the output of
>
> ip a (shows your ip address)
> ip r (shows the routing information)
> iptables -nvL -t nat (show the iptables / firewall information for
> natting)
>From the gateway I give the commands:
ip a
----
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen
1000
link/ether 00:e0:7d:fc:1a:b2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global eth0
inet6 fe80::2e0:7dff:fefc:1ab2/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen
1000
link/ether 00:e0:7d:fc:1a:b0 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 brd 192.168.2.255 scope global eth1
inet6 fe80::2e0:7dff:fefc:1ab0/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen
1000
link/ether 00:14:04:31:19:9f brd ff:ff:ff:ff:ff:ff
inet 91.102.231.33/28 brd 91.102.231.47 scope global eth2
inet6 fe80::214:4ff:fe31:199f/64 scope link
valid_lft forever preferred_lft forever
5: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
eth2 is my interface to the internet providers server.
I have a public IP address given to my by my ISP, but this IP address
should to be: 91.102.227.98 and not the abowe shown
91.102.231.33. Mybe ISP changed my public IP address? I shall to ask
him.
ip r
----
91.102.231.32/28 dev eth2 proto kernel scope link src 91.102.231.33
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
default via 91.102.231.46 dev eth2
sudo iptables -nvL -t nat
-------------------------
Attachment:
iptables-firewall_natting_info
Description: natting info
-- Regards, Paul Csanyi http://www.freewebs.com/csanyi-pal/index.htm